diff --git a/docs/cli/fleet-agent/fleet-agent.md b/docs/cli/fleet-agent/fleet-agent.md index 42cc847ff..502616b5b 100644 --- a/docs/cli/fleet-agent/fleet-agent.md +++ b/docs/cli/fleet-agent/fleet-agent.md @@ -20,6 +20,5 @@ fleet-agent [flags] -h, --help help for fleet-agent --kubeconfig string kubeconfig file --namespace string namespace to watch - --simulators int Numbers of simulators to run ``` diff --git a/docs/cli/fleet-cli/fleet.md b/docs/cli/fleet-cli/fleet.md index 749310b31..b501c2c12 100644 --- a/docs/cli/fleet-cli/fleet.md +++ b/docs/cli/fleet-cli/fleet.md @@ -25,5 +25,6 @@ fleet [flags] ### SEE ALSO * [fleet apply](./fleet_apply) - Render a bundle into a Kubernetes resource and apply it in the Fleet Manager +* [fleet cleanup](./fleet_cleanup) - Clean up outdated cluster registrations * [fleet test](./fleet_test) - Match a bundle to a target and render the output diff --git a/docs/cli/fleet-cli/fleet_apply.md b/docs/cli/fleet-cli/fleet_apply.md index e5968fcce..6d343f0a9 100644 --- a/docs/cli/fleet-cli/fleet_apply.md +++ b/docs/cli/fleet-cli/fleet_apply.md @@ -13,24 +13,30 @@ fleet apply [flags] BUNDLE_NAME PATH... ### Options ``` - -b, --bundle-file string Location of the raw Bundle resource yaml - --cacerts-file string Path of custom cacerts for helm repo - --commit string Commit to assign to the bundle - -c, --compress Force all resources to be compress - --debug Turn on debug logging - --debug-level int If debugging is enabled, set klog -v=X - -f, --file string Location of the fleet.yaml - -h, --help help for apply - -l, --label strings Labels to apply to created bundles - -o, --output string Output contents to file or - for stdout - --password-file string Path of file containing basic auth password for helm repo - --paused Create bundles in a paused state - -a, --service-account string Service account to assign to bundle created - --ssh-privatekey-file string Path of ssh-private-key for helm repo - --sync-generation int Generation number used to force sync the deployment - --target-namespace string Ensure this bundle goes to this target namespace - --targets-file string Addition source of targets and restrictions to be append - --username string Basic auth username for helm repo + -b, --bundle-file string Location of the raw Bundle resource yaml + --cacerts-file string Path of custom cacerts for helm repo + --commit string Commit to assign to the bundle + -c, --compress Force all resources to be compress + --correct-drift Rollback any change made from outside of Fleet + --correct-drift-force Use --force when correcting drift. Resources can be deleted and recreated + --correct-drift-keep-fail-history Keep helm history for failed rollbacks + --debug Turn on debug logging + --debug-level int If debugging is enabled, set klog -v=X + -f, --file string Location of the fleet.yaml + --helm-credentials-by-path-file string Path of file containing helm credentials for paths + --helm-repo-url-regex string Helm credentials will be used if the helm repo matches this regex. Credentials will always be used if this is empty or not provided + -h, --help help for apply + --keep-resources Keep resources created after the GitRepo or Bundle is deleted + -l, --label strings Labels to apply to created bundles + -o, --output string Output contents to file or - for stdout + --password-file string Path of file containing basic auth password for helm repo + --paused Create bundles in a paused state + -a, --service-account string Service account to assign to bundle created + --ssh-privatekey-file string Path of ssh-private-key for helm repo + --sync-generation int Generation number used to force sync the deployment + --target-namespace string Ensure this bundle goes to this target namespace + --targets-file string Addition source of targets and restrictions to be append + --username string Basic auth username for helm repo ``` ### Options inherited from parent commands diff --git a/docs/cli/fleet-cli/fleet_cleanup.md b/docs/cli/fleet-cli/fleet_cleanup.md new file mode 100644 index 000000000..a42b7e42e --- /dev/null +++ b/docs/cli/fleet-cli/fleet_cleanup.md @@ -0,0 +1,36 @@ +--- +title: "" +sidebar_label: "fleet cleanup" +--- +## fleet cleanup + +Clean up outdated cluster registrations + +``` +fleet cleanup [flags] +``` + +### Options + +``` + --debug Turn on debug logging + --debug-level int If debugging is enabled, set klog -v=X + --factor string Factor to increase delay between deletes (default: 1.1) + -h, --help help for cleanup + --max string Maximum delay between deletes (default: 5s) + --min string Minimum delay between deletes (default: 10ms) +``` + +### Options inherited from parent commands + +``` + --context string kubeconfig context for authentication + -k, --kubeconfig string kubeconfig for authentication + -n, --namespace string namespace (default "fleet-local") + --system-namespace string System namespace of the controller (default "cattle-fleet-system") +``` + +### SEE ALSO + +* [fleet](./fleet) - + diff --git a/docs/cli/fleet-controller/fleet-manager.md b/docs/cli/fleet-controller/fleet-manager.md index 4b1077f8d..77849ca26 100644 --- a/docs/cli/fleet-controller/fleet-manager.md +++ b/docs/cli/fleet-controller/fleet-manager.md @@ -15,7 +15,7 @@ fleet-manager [flags] ``` --debug Turn on debug logging --debug-level int If debugging is enabled, set klog -v=X - --disable-bootstrap disable agent on local cluster + --disable-bootstrap disable local cluster components --disable-gitops disable gitops components -h, --help help for fleet-manager --kubeconfig string Kubeconfig file diff --git a/docs/ref-crds.md b/docs/ref-crds.md index 4f49ee176..0c7bfc090 100644 --- a/docs/ref-crds.md +++ b/docs/ref-crds.md @@ -1,32 +1,19 @@ # Custom Resources Spec -* [GitRepo](#gitrepo) -* [GitRepoRestriction](#gitreporestriction) * [Bundle](#bundle) * [BundleDeployment](#bundledeployment) * [BundleNamespaceMapping](#bundlenamespacemapping) -* [Content](#content) -* [ImageScan](#imagescan) * [Cluster](#cluster) * [ClusterGroup](#clustergroup) * [ClusterRegistration](#clusterregistration) * [ClusterRegistrationToken](#clusterregistrationtoken) +* [Content](#content) +* [GitRepo](#gitrepo) +* [GitRepoRestriction](#gitreporestriction) +* [ImageScan](#imagescan) # Sub Resources -* [CorrectDrift](#correctdrift) -* [GitRepoDisplay](#gitrepodisplay) -* [GitRepoResource](#gitreporesource) -* [GitRepoResourceCounts](#gitreporesourcecounts) -* [GitRepoSpec](#gitrepospec) -* [GitRepoStatus](#gitrepostatus) -* [GitTarget](#gittarget) -* [ResourcePerClusterState](#resourceperclusterstate) -* [BundleDeploymentDisplay](#bundledeploymentdisplay) -* [BundleDeploymentOptions](#bundledeploymentoptions) -* [BundleDeploymentResource](#bundledeploymentresource) -* [BundleDeploymentSpec](#bundledeploymentspec) -* [BundleDeploymentStatus](#bundledeploymentstatus) * [BundleDisplay](#bundledisplay) * [BundleRef](#bundleref) * [BundleResource](#bundleresource) @@ -35,6 +22,16 @@ * [BundleSummary](#bundlesummary) * [BundleTarget](#bundletarget) * [BundleTargetRestriction](#bundletargetrestriction) +* [NonReadyResource](#nonreadyresource) +* [Partition](#partition) +* [PartitionStatus](#partitionstatus) +* [ResourceKey](#resourcekey) +* [RolloutStrategy](#rolloutstrategy) +* [BundleDeploymentDisplay](#bundledeploymentdisplay) +* [BundleDeploymentOptions](#bundledeploymentoptions) +* [BundleDeploymentResource](#bundledeploymentresource) +* [BundleDeploymentSpec](#bundledeploymentspec) +* [BundleDeploymentStatus](#bundledeploymentstatus) * [ComparePatch](#comparepatch) * [ConfigMapKeySelector](#configmapkeyselector) * [DiffOptions](#diffoptions) @@ -43,24 +40,15 @@ * [KustomizeOptions](#kustomizeoptions) * [LocalObjectReference](#localobjectreference) * [ModifiedStatus](#modifiedstatus) -* [NonReadyResource](#nonreadyresource) * [NonReadyStatus](#nonreadystatus) * [Operation](#operation) -* [Partition](#partition) -* [PartitionStatus](#partitionstatus) -* [ResourceKey](#resourcekey) -* [RolloutStrategy](#rolloutstrategy) * [SecretKeySelector](#secretkeyselector) * [ValuesFrom](#valuesfrom) * [YAMLOptions](#yamloptions) -* [AlphabeticalPolicy](#alphabeticalpolicy) -* [CommitSpec](#commitspec) -* [ImagePolicyChoice](#imagepolicychoice) -* [ImageScanSpec](#imagescanspec) -* [ImageScanStatus](#imagescanstatus) -* [SemVerPolicy](#semverpolicy) * [AgentStatus](#agentstatus) * [ClusterDisplay](#clusterdisplay) +* [ClusterSpec](#clusterspec) +* [ClusterStatus](#clusterstatus) * [ClusterGroupDisplay](#clustergroupdisplay) * [ClusterGroupSpec](#clustergroupspec) * [ClusterGroupStatus](#clustergroupstatus) @@ -68,178 +56,20 @@ * [ClusterRegistrationStatus](#clusterregistrationstatus) * [ClusterRegistrationTokenSpec](#clusterregistrationtokenspec) * [ClusterRegistrationTokenStatus](#clusterregistrationtokenstatus) -* [ClusterSpec](#clusterspec) -* [ClusterStatus](#clusterstatus) - -#### CorrectDrift - - - -| Field | Description | Scheme | Required | -| ----- | ----------- | ------ | -------- | -| enabled | Enabled correct drift if true. | bool | false | -| force | Force helm rollback with --force option will be used if true. This will try to recreate all resources in the release. | bool | false | -| keepFailHistory | KeepFailHistory keeps track of failed rollbacks in the helm history. | bool | false | - -[Back to Custom Resources](#custom-resources) - -#### GitRepo - -GitRepo describes a git repository that is watched by Fleet. The resource contains the necessary information to deploy the repo, or parts of it, to target clusters. - -| Field | Description | Scheme | Required | -| ----- | ----------- | ------ | -------- | -| metadata | | metav1.ObjectMeta | false | -| spec | | [GitRepoSpec](#gitrepospec) | false | -| status | | [GitRepoStatus](#gitrepostatus) | false | - -[Back to Custom Resources](#custom-resources) - -#### GitRepoDisplay - - - -| Field | Description | Scheme | Required | -| ----- | ----------- | ------ | -------- | -| readyBundleDeployments | ReadyBundleDeployments is a string in the form \"%d/%d\", that describes the number of ready bundledeployments over the total number of bundledeployments. | string | false | -| state | State is the state of the GitRepo, e.g. \"GitUpdating\" or the maximal BundleState according to StateRank. | string | false | -| message | Message contains the relevant message from the deployment conditions. | string | false | -| error | Error is true if a message is present. | bool | false | - -[Back to Custom Resources](#custom-resources) - -#### GitRepoResource - -GitRepoResource contains metadata about the resources of a bundle. - -| Field | Description | Scheme | Required | -| ----- | ----------- | ------ | -------- | -| apiVersion | APIVersion is the API version of the resource. | string | false | -| kind | Kind is the k8s kind of the resource. | string | false | -| type | Type is the type of the resource, e.g. \"apiextensions.k8s.io.customresourcedefinition\" or \"configmap\". | string | false | -| id | ID is the name of the resource, e.g. \"namespace1/my-config\" or \"backingimagemanagers.storage.io\". | string | false | -| namespace | Namespace of the resource. | string | false | -| name | Name of the resource. | string | false | -| incompleteState | IncompleteState is true if a bundle summary has 10 or more non-ready resources or a non-ready resource has more 10 or more non-ready or modified states. | bool | false | -| state | State is the state of the resource, e.g. \"Unknown\", \"WaitApplied\", \"ErrApplied\" or \"Ready\". | string | false | -| error | Error is true if any Error in the PerClusterState is true. | bool | false | -| transitioning | Transitioning is true if any Transitioning in the PerClusterState is true. | bool | false | -| message | Message is the first message from the PerClusterStates. | string | false | -| perClusterState | PerClusterState is a list of states for each cluster. Derived from the summaries non-ready resources. | \[\][ResourcePerClusterState](#resourceperclusterstate) | false | - -[Back to Custom Resources](#custom-resources) - -#### GitRepoResourceCounts - -GitRepoResourceCounts contains the number of resources in each state. - -| Field | Description | Scheme | Required | -| ----- | ----------- | ------ | -------- | -| ready | Ready is the number of ready resources. | int | true | -| desiredReady | DesiredReady is the number of resources that should be ready. | int | true | -| waitApplied | WaitApplied is the number of resources that are waiting to be applied. | int | true | -| modified | Modified is the number of resources that have been modified. | int | true | -| orphaned | Orphaned is the number of orphaned resources. | int | true | -| missing | Missing is the number of missing resources. | int | true | -| unknown | Unknown is the number of resources in an unknown state. | int | true | -| notReady | NotReady is the number of not ready resources. Resources are not ready if they do not match any other state. | int | true | - -[Back to Custom Resources](#custom-resources) - -#### GitRepoRestriction - -GitRepoRestriction is a resource that can optionally be used to restrict the options of GitRepos in the same namespace. - -| Field | Description | Scheme | Required | -| ----- | ----------- | ------ | -------- | -| metadata | | metav1.ObjectMeta | false | -| defaultServiceAccount | DefaultServiceAccount overrides the GitRepo's default service account. | string | false | -| allowedServiceAccounts | AllowedServiceAccounts is a list of service accounts that GitRepos are allowed to use. | []string | false | -| allowedRepoPatterns | AllowedRepoPatterns is a list of regex patterns that restrict the valid values of the Repo field of a GitRepo. | []string | false | -| defaultClientSecretName | DefaultClientSecretName overrides the GitRepo's default client secret. | string | false | -| allowedClientSecretNames | AllowedClientSecretNames is a list of client secret names that GitRepos are allowed to use. | []string | false | -| allowedTargetNamespaces | AllowedTargetNamespaces restricts TargetNamespace to the given namespaces. If AllowedTargetNamespaces is set, TargetNamespace must be set. | []string | false | - -[Back to Custom Resources](#custom-resources) - -#### GitRepoSpec - - - -| Field | Description | Scheme | Required | -| ----- | ----------- | ------ | -------- | -| repo | Repo is a URL to a git repo to clone and index. | string | false | -| branch | Branch The git branch to follow. | string | false | -| revision | Revision A specific commit or tag to operate on. | string | false | -| targetNamespace | Ensure that all resources are created in this namespace Any cluster scoped resource will be rejected if this is set Additionally this namespace will be created on demand. | string | false | -| clientSecretName | ClientSecretName is the name of the client secret to be used to connect to the repo It is expected the secret be of type \"kubernetes.io/basic-auth\" or \"kubernetes.io/ssh-auth\". | string | false | -| helmSecretName | HelmSecretName contains the auth secret for a private Helm repository. | string | false | -| helmSecretNameForPaths | HelmSecretNameForPaths contains the auth secret for private Helm repository for each path. | string | false | -| helmRepoURLRegex | HelmRepoURLRegex Helm credentials will be used if the helm repo matches this regex Credentials will always be used if this is empty or not provided. | string | false | -| caBundle | CABundle is a PEM encoded CA bundle which will be used to validate the repo's certificate. | []byte | false | -| insecureSkipTLSVerify | InsecureSkipTLSverify will use insecure HTTPS to clone the repo. | bool | false | -| paths | Paths is the directories relative to the git repo root that contain resources to be applied. Path globbing is supported, for example [\"charts/*\"] will match all folders as a subdirectory of charts/ If empty, \"/\" is the default. | []string | false | -| paused | Paused, when true, causes changes in Git not to be propagated down to the clusters but instead to mark resources as OutOfSync. | bool | false | -| serviceAccount | ServiceAccount used in the downstream cluster for deployment. | string | false | -| targets | Targets is a list of targets this repo will deploy to. | \[\][GitTarget](#gittarget) | false | -| pollingInterval | PollingInterval is how often to check git for new updates. | *metav1.Duration | false | -| forceSyncGeneration | Increment this number to force a redeployment of contents from Git. | int64 | false | -| imageScanInterval | ImageScanInterval is the interval of syncing scanned images and writing back to git repo. | *metav1.Duration | false | -| imageScanCommit | Commit specifies how to commit to the git repo when a new image is scanned and written back to git repo. | [CommitSpec](#commitspec) | false | -| keepResources | KeepResources specifies if the resources created must be kept after deleting the GitRepo. | bool | false | -| correctDrift | CorrectDrift specifies how drift correction should work. | [CorrectDrift](#correctdrift) | false | - -[Back to Custom Resources](#custom-resources) - -#### GitRepoStatus - - - -| Field | Description | Scheme | Required | -| ----- | ----------- | ------ | -------- | -| observedGeneration | ObservedGeneration is the current generation of the resource in the cluster. It is copied from k8s metadata.Generation. The value is incremented for all changes, except for changes to .metadata or .status. | int64 | true | -| commit | Commit is the Git commit hash from the last gitjob run. | string | false | -| readyClusters | ReadyClusters is the lowest number of clusters that are ready over all the bundles of this GitRepo. | int | true | -| desiredReadyClusters | DesiredReadyClusters\tis the number of clusters that should be ready for bundles of this GitRepo. | int | true | -| gitJobStatus | GitJobStatus is the status of the last GitJob run, e.g. \"Current\" if there was no error. | string | false | -| summary | Summary contains the number of bundle deployments in each state and a list of non-ready resources. | [BundleSummary](#bundlesummary) | false | -| display | Display contains a human readable summary of the status. | [GitRepoDisplay](#gitrepodisplay) | false | -| conditions | Conditions is a list of Wrangler conditions that describe the state of the GitRepo. | []genericcondition.GenericCondition | false | -| resources | Resources contains metadata about the resources of each bundle. | \[\][GitRepoResource](#gitreporesource) | false | -| resourceCounts | ResourceCounts contains the number of resources in each state over all bundles. | [GitRepoResourceCounts](#gitreporesourcecounts) | false | -| resourceErrors | ResourceErrors is a sorted list of errors from the resources. | []string | false | -| lastSyncedImageScanTime | LastSyncedImageScanTime is the time of the last image scan. | metav1.Time | false | - -[Back to Custom Resources](#custom-resources) - -#### GitTarget - -GitTarget is a cluster or cluster group to deploy to. - -| Field | Description | Scheme | Required | -| ----- | ----------- | ------ | -------- | -| name | Name is the name of this target. | string | false | -| clusterName | ClusterName is the name of a cluster. | string | false | -| clusterSelector | ClusterSelector is a label selector to select clusters. | *metav1.LabelSelector | false | -| clusterGroup | ClusterGroup is the name of a cluster group in the same namespace as the clusters. | string | false | -| clusterGroupSelector | ClusterGroupSelector is a label selector to select cluster groups. | *metav1.LabelSelector | false | - -[Back to Custom Resources](#custom-resources) - -#### ResourcePerClusterState - -ResourcePerClusterState is generated for each non-ready resource of the bundles. - -| Field | Description | Scheme | Required | -| ----- | ----------- | ------ | -------- | -| state | State is the state of the resource. | string | false | -| error | Error is true if the resource is in an error state, copied from the bundle's summary for non-ready resources. | bool | false | -| transitioning | Transitioning is true if the resource is in a transitioning state, copied from the bundle's summary for non-ready resources. | bool | false | -| message | Message combines the messages from the bundle's summary. Messages are joined with the delimiter ';'. | string | false | -| patch | Patch for modified resources. | *GenericMap | false | -| clusterId | ClusterID is the id of the cluster. | string | false | - -[Back to Custom Resources](#custom-resources) +* [CommitSpec](#commitspec) +* [CorrectDrift](#correctdrift) +* [GitRepoDisplay](#gitrepodisplay) +* [GitRepoResource](#gitreporesource) +* [GitRepoResourceCounts](#gitreporesourcecounts) +* [GitRepoSpec](#gitrepospec) +* [GitRepoStatus](#gitrepostatus) +* [GitTarget](#gittarget) +* [ResourcePerClusterState](#resourceperclusterstate) +* [AlphabeticalPolicy](#alphabeticalpolicy) +* [ImagePolicyChoice](#imagepolicychoice) +* [ImageScanSpec](#imagescanspec) +* [ImageScanStatus](#imagescanstatus) +* [SemVerPolicy](#semverpolicy) #### Bundle @@ -253,6 +83,192 @@ Bundle contains the resources of an application and its deployment options. It w [Back to Custom Resources](#custom-resources) +#### BundleDisplay + +BundleDisplay contains the number of ready, desiredready clusters and a summary state for the bundle. + +| Field | Description | Scheme | Required | +| ----- | ----------- | ------ | -------- | +| readyClusters | ReadyClusters is a string in the form \"%d/%d\", that describes the number of clusters that are ready vs. the number of clusters desired to be ready. | string | false | +| state | State is a summary state for the bundle, calculated over the non-ready resources. | string | false | + +[Back to Custom Resources](#custom-resources) + +#### BundleRef + + + +| Field | Description | Scheme | Required | +| ----- | ----------- | ------ | -------- | +| name | Name of the bundle. | string | false | +| selector | Selector matching bundle's labels. | *metav1.LabelSelector | false | + +[Back to Custom Resources](#custom-resources) + +#### BundleResource + +BundleResource represents the content of a single resource from the bundle, like a YAML manifest. + +| Field | Description | Scheme | Required | +| ----- | ----------- | ------ | -------- | +| name | Name of the resource, can include the bundle's internal path. | string | false | +| content | The content of the resource, can be compressed. | string | false | +| encoding | Encoding is either empty or \"base64+gz\". | string | false | + +[Back to Custom Resources](#custom-resources) + +#### BundleSpec + + + +| Field | Description | Scheme | Required | +| ----- | ----------- | ------ | -------- | +| paused | Paused if set to true, will stop any BundleDeployments from being updated. It will be marked as out of sync. | bool | false | +| rolloutStrategy | RolloutStrategy controls the rollout of bundles, by defining partitions, canaries and percentages for cluster availability. | *[RolloutStrategy](#rolloutstrategy) | false | +| resources | Resources contains the resources that were read from the bundle's path. This includes the content of downloaded helm charts. | \[\][BundleResource](#bundleresource) | false | +| targets | Targets refer to the clusters which will be deployed to. Targets are evaluated in order and the first one to match is used. | \[\][BundleTarget](#bundletarget) | false | +| targetRestrictions | TargetRestrictions is an allow list, which controls if a bundledeployment is created for a target. | \[\][BundleTargetRestriction](#bundletargetrestriction) | false | +| dependsOn | DependsOn refers to the bundles which must be ready before this bundle can be deployed. | \[\][BundleRef](#bundleref) | false | + +[Back to Custom Resources](#custom-resources) + +#### BundleStatus + + + +| Field | Description | Scheme | Required | +| ----- | ----------- | ------ | -------- | +| conditions | Conditions is a list of Wrangler conditions that describe the state of the bundle. | []genericcondition.GenericCondition | false | +| summary | Summary contains the number of bundle deployments in each state and a list of non-ready resources. | [BundleSummary](#bundlesummary) | false | +| newlyCreated | NewlyCreated is the number of bundle deployments that have been created, not updated. | int | false | +| unavailable | Unavailable is the number of bundle deployments that are not ready or where the AppliedDeploymentID in the status does not match the DeploymentID from the spec. | int | true | +| unavailablePartitions | UnavailablePartitions is the number of unavailable partitions. | int | true | +| maxUnavailable | MaxUnavailable is the maximum number of unavailable deployments. See rollout configuration. | int | true | +| maxUnavailablePartitions | MaxUnavailablePartitions is the maximum number of unavailable partitions. The rollout configuration defines a maximum number or percentage of unavailable partitions. | int | true | +| maxNew | MaxNew is always 50. A bundle change can only stage 50 bundledeployments at a time. | int | false | +| partitions | PartitionStatus lists the status of each partition. | \[\][PartitionStatus](#partitionstatus) | false | +| display | Display contains the number of ready, desiredready clusters and a summary state for the bundle's resources. | [BundleDisplay](#bundledisplay) | false | +| resourceKey | ResourceKey lists resources, which will likely be deployed. The actual list of resources on a cluster might differ, depending on the helm chart, value templating, etc.. | \[\][ResourceKey](#resourcekey) | false | +| observedGeneration | ObservedGeneration is the current generation of the bundle. | int64 | true | + +[Back to Custom Resources](#custom-resources) + +#### BundleSummary + +BundleSummary contains the number of bundle deployments in each state and a list of non-ready resources. It is used in the bundle, clustergroup, cluster and gitrepo status. + +| Field | Description | Scheme | Required | +| ----- | ----------- | ------ | -------- | +| notReady | NotReady is the number of bundle deployments that have been deployed where some resources are not ready. | int | false | +| waitApplied | WaitApplied is the number of bundle deployments that have been synced from Fleet controller and downstream cluster, but are waiting to be deployed. | int | false | +| errApplied | ErrApplied is the number of bundle deployments that have been synced from the Fleet controller and the downstream cluster, but with some errors when deploying the bundle. | int | false | +| outOfSync | OutOfSync is the number of bundle deployments that have been synced from Fleet controller, but not yet by the downstream agent. | int | false | +| modified | Modified is the number of bundle deployments that have been deployed and for which all resources are ready, but where some changes from the Git repository have not yet been synced. | int | false | +| ready | Ready is the number of bundle deployments that have been deployed where all resources are ready. | int | true | +| pending | Pending is the number of bundle deployments that are being processed by Fleet controller. | int | false | +| desiredReady | DesiredReady is the number of bundle deployments that should be ready. | int | true | +| nonReadyResources | NonReadyClusters is a list of states, which is filled for a bundle that is not ready. | \[\][NonReadyResource](#nonreadyresource) | false | + +[Back to Custom Resources](#custom-resources) + +#### BundleTarget + +BundleTarget declares clusters to deploy to. Fleet will merge the BundleDeploymentOptions from customizations into this struct. + +| Field | Description | Scheme | Required | +| ----- | ----------- | ------ | -------- | +| name | Name of target. This value is largely for display and logging. If not specified a default name of the format \"target000\" will be used | string | false | +| clusterName | ClusterName to match a specific cluster by name that will be selected | string | false | +| clusterSelector | ClusterSelector is a selector to match clusters. The structure is the standard metav1.LabelSelector format. If clusterGroupSelector or clusterGroup is specified, clusterSelector will be used only to further refine the selection after clusterGroupSelector and clusterGroup is evaluated. | *metav1.LabelSelector | false | +| clusterGroup | ClusterGroup to match a specific cluster group by name. | string | false | +| clusterGroupSelector | ClusterGroupSelector is a selector to match cluster groups. | *metav1.LabelSelector | false | +| doNotDeploy | DoNotDeploy if set to true, will not deploy to this target. | bool | false | + +[Back to Custom Resources](#custom-resources) + +#### BundleTargetRestriction + +BundleTargetRestriction is used internally by Fleet and should not be modified. It acts as an allow list, to prevent the creation of BundleDeployments from Targets created by TargetCustomizations in fleet.yaml. + +| Field | Description | Scheme | Required | +| ----- | ----------- | ------ | -------- | +| name | | string | false | +| clusterName | | string | false | +| clusterSelector | | *metav1.LabelSelector | false | +| clusterGroup | | string | false | +| clusterGroupSelector | | *metav1.LabelSelector | false | + +[Back to Custom Resources](#custom-resources) + +#### NonReadyResource + +NonReadyResource contains information about a bundle that is not ready for a given state like \"ErrApplied\". It contains a list of non-ready or modified resources and their states. + +| Field | Description | Scheme | Required | +| ----- | ----------- | ------ | -------- | +| name | Name is the name of the resource. | string | false | +| bundleState | State is the state of the resource, like e.g. \"NotReady\" or \"ErrApplied\". | BundleState | false | +| message | Message contains information why the bundle is not ready. | string | false | +| modifiedStatus | ModifiedStatus lists the state for each modified resource. | \[\][ModifiedStatus](#modifiedstatus) | false | +| nonReadyStatus | NonReadyStatus lists the state for each non-ready resource. | \[\][NonReadyStatus](#nonreadystatus) | false | + +[Back to Custom Resources](#custom-resources) + +#### Partition + +Partition defines a separate rollout strategy for a set of clusters. + +| Field | Description | Scheme | Required | +| ----- | ----------- | ------ | -------- | +| name | A user-friendly name given to the partition used for Display (optional). | string | false | +| maxUnavailable | A number or percentage of clusters that can be unavailable in this partition before this partition is treated as done. default: 10% | *intstr.IntOrString | false | +| clusterName | ClusterName is the name of a cluster to include in this partition | string | false | +| clusterSelector | Selector matching cluster labels to include in this partition | *metav1.LabelSelector | false | +| clusterGroup | A cluster group name to include in this partition | string | false | +| clusterGroupSelector | Selector matching cluster group labels to include in this partition | *metav1.LabelSelector | false | + +[Back to Custom Resources](#custom-resources) + +#### PartitionStatus + +PartitionStatus is the status of a single rollout partition. + +| Field | Description | Scheme | Required | +| ----- | ----------- | ------ | -------- | +| name | Name is the name of the partition. | string | false | +| count | Count is the number of clusters in the partition. | int | false | +| maxUnavailable | MaxUnavailable is the maximum number of unavailable clusters in the partition. | int | false | +| unavailable | Unavailable is the number of unavailable clusters in the partition. | int | false | +| summary | Summary is a summary state for the partition, calculated over its non-ready resources. | [BundleSummary](#bundlesummary) | false | + +[Back to Custom Resources](#custom-resources) + +#### ResourceKey + +ResourceKey lists resources, which will likely be deployed. + +| Field | Description | Scheme | Required | +| ----- | ----------- | ------ | -------- | +| kind | Kind is the k8s api kind of the resource. | string | false | +| apiVersion | APIVersion is the k8s api version of the resource. | string | false | +| namespace | Namespace is the namespace of the resource. | string | false | +| name | Name is the name of the resource. | string | false | + +[Back to Custom Resources](#custom-resources) + +#### RolloutStrategy + +RolloverStrategy controls the rollout of the bundle across clusters. + +| Field | Description | Scheme | Required | +| ----- | ----------- | ------ | -------- | +| maxUnavailable | A number or percentage of clusters that can be unavailable during an update of a bundle. This follows the same basic approach as a deployment rollout strategy. Once the number of clusters meets unavailable state update will be paused. Default value is 100% which doesn't take effect on update. default: 100% | *intstr.IntOrString | false | +| maxUnavailablePartitions | A number or percentage of cluster partitions that can be unavailable during an update of a bundle. default: 0 | *intstr.IntOrString | false | +| autoPartitionSize | A number or percentage of how to automatically partition clusters if no specific partitioning strategy is configured. default: 25% | *intstr.IntOrString | false | +| partitions | A list of definitions of partitions. If any target clusters do not match the configuration they are added to partitions at the end following the autoPartitionSize. | \[\][Partition](#partition) | false | + +[Back to Custom Resources](#custom-resources) + #### BundleDeployment BundleDeployment is used internally by Fleet and should not be used directly. When a Bundle is deployed to a cluster an instance of a Bundle is called a BundleDeployment. A BundleDeployment represents the state of that Bundle on a specific cluster with its cluster-specific customizations. The Fleet agent is only aware of BundleDeployment resources that are created for the cluster the agent is managing. @@ -348,137 +364,6 @@ BundleDeploymentResource contains the metadata of a deployed resource. [Back to Custom Resources](#custom-resources) -#### BundleDisplay - -BundleDisplay contains the number of ready, desiredready clusters and a summary state for the bundle. - -| Field | Description | Scheme | Required | -| ----- | ----------- | ------ | -------- | -| readyClusters | ReadyClusters is a string in the form \"%d/%d\", that describes the number of clusters that are ready vs. the number of clusters desired to be ready. | string | false | -| state | State is a summary state for the bundle, calculated over the non-ready resources. | string | false | - -[Back to Custom Resources](#custom-resources) - -#### BundleNamespaceMapping - -BundleNamespaceMapping maps bundles to clusters in other namespaces. - -| Field | Description | Scheme | Required | -| ----- | ----------- | ------ | -------- | -| metadata | | metav1.ObjectMeta | false | -| bundleSelector | | *metav1.LabelSelector | false | -| namespaceSelector | | *metav1.LabelSelector | false | - -[Back to Custom Resources](#custom-resources) - -#### BundleRef - - - -| Field | Description | Scheme | Required | -| ----- | ----------- | ------ | -------- | -| name | Name of the bundle. | string | false | -| selector | Selector matching bundle's labels. | *metav1.LabelSelector | false | - -[Back to Custom Resources](#custom-resources) - -#### BundleResource - -BundleResource represents the content of a single resource from the bundle, like a YAML manifest. - -| Field | Description | Scheme | Required | -| ----- | ----------- | ------ | -------- | -| name | Name of the resource, can include the bundle's internal path. | string | false | -| content | The content of the resource, can be compressed. | string | false | -| encoding | Encoding is either empty or \"base64+gz\". | string | false | - -[Back to Custom Resources](#custom-resources) - -#### BundleSpec - - - -| Field | Description | Scheme | Required | -| ----- | ----------- | ------ | -------- | -| BundleDeploymentOptions | | [BundleDeploymentOptions](#bundledeploymentoptions) | false | -| paused | Paused if set to true, will stop any BundleDeployments from being updated. It will be marked as out of sync. | bool | false | -| rolloutStrategy | RolloutStrategy controls the rollout of bundles, by defining partitions, canaries and percentages for cluster availability. | *[RolloutStrategy](#rolloutstrategy) | false | -| resources | Resources contains the resources that were read from the bundle's path. This includes the content of downloaded helm charts. | \[\][BundleResource](#bundleresource) | false | -| targets | Targets refer to the clusters which will be deployed to. Targets are evaluated in order and the first one to match is used. | \[\][BundleTarget](#bundletarget) | false | -| targetRestrictions | TargetRestrictions is an allow list, which controls if a bundledeployment is created for a target. | \[\][BundleTargetRestriction](#bundletargetrestriction) | false | -| dependsOn | DependsOn refers to the bundles which must be ready before this bundle can be deployed. | \[\][BundleRef](#bundleref) | false | - -[Back to Custom Resources](#custom-resources) - -#### BundleStatus - - - -| Field | Description | Scheme | Required | -| ----- | ----------- | ------ | -------- | -| conditions | Conditions is a list of Wrangler conditions that describe the state of the bundle. | []genericcondition.GenericCondition | false | -| summary | Summary contains the number of bundle deployments in each state and a list of non-ready resources. | [BundleSummary](#bundlesummary) | false | -| newlyCreated | NewlyCreated is the number of bundle deployments that have been created, not updated. | int | false | -| unavailable | Unavailable is the number of bundle deployments that are not ready or where the AppliedDeploymentID in the status does not match the DeploymentID from the spec. | int | true | -| unavailablePartitions | UnavailablePartitions is the number of unavailable partitions. | int | true | -| maxUnavailable | MaxUnavailable is the maximum number of unavailable deployments. See rollout configuration. | int | true | -| maxUnavailablePartitions | MaxUnavailablePartitions is the maximum number of unavailable partitions. The rollout configuration defines a maximum number or percentage of unavailable partitions. | int | true | -| maxNew | MaxNew is always 50. A bundle change can only stage 50 bundledeployments at a time. | int | false | -| partitions | PartitionStatus lists the status of each partition. | \[\][PartitionStatus](#partitionstatus) | false | -| display | Display contains the number of ready, desiredready clusters and a summary state for the bundle's resources. | [BundleDisplay](#bundledisplay) | false | -| resourceKey | ResourceKey lists resources, which will likely be deployed. The actual list of resources on a cluster might differ, depending on the helm chart, value templating, etc.. | \[\][ResourceKey](#resourcekey) | false | -| observedGeneration | ObservedGeneration is the current generation of the bundle. | int64 | true | - -[Back to Custom Resources](#custom-resources) - -#### BundleSummary - -BundleSummary contains the number of bundle deployments in each state and a list of non-ready resources. It is used in the bundle, clustergroup, cluster and gitrepo status. - -| Field | Description | Scheme | Required | -| ----- | ----------- | ------ | -------- | -| notReady | NotReady is the number of bundle deployments that have been deployed where some resources are not ready. | int | false | -| waitApplied | WaitApplied is the number of bundle deployments that have been synced from Fleet controller and downstream cluster, but are waiting to be deployed. | int | false | -| errApplied | ErrApplied is the number of bundle deployments that have been synced from the Fleet controller and the downstream cluster, but with some errors when deploying the bundle. | int | false | -| outOfSync | OutOfSync is the number of bundle deployments that have been synced from Fleet controller, but not yet by the downstream agent. | int | false | -| modified | Modified is the number of bundle deployments that have been deployed and for which all resources are ready, but where some changes from the Git repository have not yet been synced. | int | false | -| ready | Ready is the number of bundle deployments that have been deployed where all resources are ready. | int | true | -| pending | Pending is the number of bundle deployments that are being processed by Fleet controller. | int | false | -| desiredReady | DesiredReady is the number of bundle deployments that should be ready. | int | true | -| nonReadyResources | NonReadyClusters is a list of states, which is filled for a bundle that is not ready. | \[\][NonReadyResource](#nonreadyresource) | false | - -[Back to Custom Resources](#custom-resources) - -#### BundleTarget - -BundleTarget declares clusters to deploy to. Fleet will merge the BundleDeploymentOptions from customizations into this struct. - -| Field | Description | Scheme | Required | -| ----- | ----------- | ------ | -------- | -| BundleDeploymentOptions | | [BundleDeploymentOptions](#bundledeploymentoptions) | false | -| name | Name of target. This value is largely for display and logging. If not specified a default name of the format \"target000\" will be used | string | false | -| clusterName | ClusterName to match a specific cluster by name that will be selected | string | false | -| clusterSelector | ClusterSelector is a selector to match clusters. The structure is the standard metav1.LabelSelector format. If clusterGroupSelector or clusterGroup is specified, clusterSelector will be used only to further refine the selection after clusterGroupSelector and clusterGroup is evaluated. | *metav1.LabelSelector | false | -| clusterGroup | ClusterGroup to match a specific cluster group by name. | string | false | -| clusterGroupSelector | ClusterGroupSelector is a selector to match cluster groups. | *metav1.LabelSelector | false | -| doNotDeploy | DoNotDeploy if set to true, will not deploy to this target. | bool | false | - -[Back to Custom Resources](#custom-resources) - -#### BundleTargetRestriction - -BundleTargetRestriction is used internally by Fleet and should not be modified. It acts as an allow list, to prevent the creation of BundleDeployments from Targets created by TargetCustomizations in fleet.yaml. - -| Field | Description | Scheme | Required | -| ----- | ----------- | ------ | -------- | -| name | | string | false | -| clusterName | | string | false | -| clusterSelector | | *metav1.LabelSelector | false | -| clusterGroup | | string | false | -| clusterGroupSelector | | *metav1.LabelSelector | false | - -[Back to Custom Resources](#custom-resources) - #### ComparePatch ComparePatch matches a resource and removes fields from the check for modifications. @@ -505,17 +390,6 @@ ComparePatch matches a resource and removes fields from the check for modificati [Back to Custom Resources](#custom-resources) -#### Content - -Content is used internally by Fleet and should not be used directly. It contains the resources from a bundle for a specific target cluster. - -| Field | Description | Scheme | Required | -| ----- | ----------- | ------ | -------- | -| metadata | | metav1.ObjectMeta | false | -| content | Content is a byte array, which contains the manifests of a bundle. The bundle resources are copied into the bundledeployment's content resource, so the downstream agent can deploy them. | []byte | false | - -[Back to Custom Resources](#custom-resources) - #### DiffOptions @@ -540,12 +414,14 @@ HelmOptions for the deployment. For Helm-based bundles, all options can be used, | values | Values passed to Helm. It is possible to specify the keys and values as go template strings. | *GenericMap | false | | valuesFrom | ValuesFrom loads the values from configmaps and secrets. | \[\][ValuesFrom](#valuesfrom) | false | | force | Force allows to override immutable resources. This could be dangerous. | bool | false | -| takeOwnership | TakeOwnership makes Fleet skip the check for its own annotations | bool | false | +| takeOwnership | TakeOwnership makes helm skip the check for its own annotations | bool | false | | maxHistory | MaxHistory limits the maximum number of revisions saved per release by Helm. | int | false | | valuesFiles | ValuesFiles is a list of files to load values from. | []string | false | | waitForJobs | WaitForJobs if set and timeoutSeconds provided, will wait until all Jobs have been completed before marking the GitRepo as ready. It will wait for as long as timeoutSeconds | bool | false | | atomic | Atomic sets the --atomic flag when Helm is performing an upgrade | bool | false | | disablePreProcess | DisablePreProcess disables template processing in values | bool | false | +| disableDNS | DisableDNS can be used to customize Helm's EnableDNS option, which Fleet sets to `true` by default. | bool | false | +| skipSchemaValidation | SkipSchemaValidation allows skipping schema validation against the chart values | bool | false | [Back to Custom Resources](#custom-resources) @@ -595,20 +471,6 @@ ModifiedStatus is used to report the status of a resource that is modified. It i [Back to Custom Resources](#custom-resources) -#### NonReadyResource - -NonReadyResource contains information about a bundle that is not ready for a given state like \"ErrApplied\". It contains a list of non-ready or modified resources and their states. - -| Field | Description | Scheme | Required | -| ----- | ----------- | ------ | -------- | -| name | Name is the name of the resource. | string | false | -| bundleState | State is the state of the resource, like e.g. \"NotReady\" or \"ErrApplied\". | BundleState | false | -| message | Message contains information why the bundle is not ready. | string | false | -| modifiedStatus | ModifiedStatus lists the state for each modified resource. | \[\][ModifiedStatus](#modifiedstatus) | false | -| nonReadyStatus | NonReadyStatus lists the state for each non-ready resource. | \[\][NonReadyStatus](#nonreadystatus) | false | - -[Back to Custom Resources](#custom-resources) - #### NonReadyStatus NonReadyStatus is used to report the status of a resource that is not ready. It includes a summary. @@ -636,61 +498,6 @@ Operation of a ComparePatch, usually \"remove\". [Back to Custom Resources](#custom-resources) -#### Partition - -Partition defines a separate rollout strategy for a set of clusters. - -| Field | Description | Scheme | Required | -| ----- | ----------- | ------ | -------- | -| name | A user-friendly name given to the partition used for Display (optional). | string | false | -| maxUnavailable | A number or percentage of clusters that can be unavailable in this partition before this partition is treated as done. default: 10% | *intstr.IntOrString | false | -| clusterName | ClusterName is the name of a cluster to include in this partition | string | false | -| clusterSelector | Selector matching cluster labels to include in this partition | *metav1.LabelSelector | false | -| clusterGroup | A cluster group name to include in this partition | string | false | -| clusterGroupSelector | Selector matching cluster group labels to include in this partition | *metav1.LabelSelector | false | - -[Back to Custom Resources](#custom-resources) - -#### PartitionStatus - -PartitionStatus is the status of a single rollout partition. - -| Field | Description | Scheme | Required | -| ----- | ----------- | ------ | -------- | -| name | Name is the name of the partition. | string | false | -| count | Count is the number of clusters in the partition. | int | false | -| maxUnavailable | MaxUnavailable is the maximum number of unavailable clusters in the partition. | int | false | -| unavailable | Unavailable is the number of unavailable clusters in the partition. | int | false | -| summary | Summary is a summary state for the partition, calculated over its non-ready resources. | [BundleSummary](#bundlesummary) | false | - -[Back to Custom Resources](#custom-resources) - -#### ResourceKey - -ResourceKey lists resources, which will likely be deployed. - -| Field | Description | Scheme | Required | -| ----- | ----------- | ------ | -------- | -| kind | Kind is the k8s api kind of the resource. | string | false | -| apiVersion | APIVersion is the k8s api version of the resource. | string | false | -| namespace | Namespace is the namespace of the resource. | string | false | -| name | Name is the name of the resource. | string | false | - -[Back to Custom Resources](#custom-resources) - -#### RolloutStrategy - -RolloverStrategy controls the rollout of the bundle across clusters. - -| Field | Description | Scheme | Required | -| ----- | ----------- | ------ | -------- | -| maxUnavailable | A number or percentage of clusters that can be unavailable during an update of a bundle. This follows the same basic approach as a deployment rollout strategy. Once the number of clusters meets unavailable state update will be paused. Default value is 100% which doesn't take effect on update. default: 100% | *intstr.IntOrString | false | -| maxUnavailablePartitions | A number or percentage of cluster partitions that can be unavailable during an update of a bundle. default: 0 | *intstr.IntOrString | false | -| autoPartitionSize | A number or percentage of how to automatically partition clusters if no specific partitioning strategy is configured. default: 25% | *intstr.IntOrString | false | -| partitions | A list of definitions of partitions. If any target clusters do not match the configuration they are added to partitions at the end following the autoPartitionSize. | \[\][Partition](#partition) | false | - -[Back to Custom Resources](#custom-resources) - #### SecretKeySelector @@ -723,90 +530,15 @@ YAMLOptions, if using raw YAML these are names that map to overlays/{name} files [Back to Custom Resources](#custom-resources) -#### AlphabeticalPolicy - -AlphabeticalPolicy specifies a alphabetical ordering policy. - -| Field | Description | Scheme | Required | -| ----- | ----------- | ------ | -------- | -| order | Order specifies the sorting order of the tags. Given the letters of the alphabet as tags, ascending order would select Z, and descending order would select A. | string | false | - -[Back to Custom Resources](#custom-resources) - -#### CommitSpec - -CommitSpec specifies how to commit changes to the git repository - -| Field | Description | Scheme | Required | -| ----- | ----------- | ------ | -------- | -| authorName | AuthorName gives the name to provide when making a commit | string | true | -| authorEmail | AuthorEmail gives the email to provide when making a commit | string | true | -| messageTemplate | MessageTemplate provides a template for the commit message, into which will be interpolated the details of the change made. | string | false | - -[Back to Custom Resources](#custom-resources) - -#### ImagePolicyChoice - -ImagePolicyChoice is a union of all the types of policy that can be supplied. - -| Field | Description | Scheme | Required | -| ----- | ----------- | ------ | -------- | -| semver | SemVer gives a semantic version range to check against the tags available. | *[SemVerPolicy](#semverpolicy) | false | -| alphabetical | Alphabetical set of rules to use for alphabetical ordering of the tags. | *[AlphabeticalPolicy](#alphabeticalpolicy) | false | - -[Back to Custom Resources](#custom-resources) - -#### ImageScan - +#### BundleNamespaceMapping +BundleNamespaceMapping maps bundles to clusters in other namespaces. | Field | Description | Scheme | Required | | ----- | ----------- | ------ | -------- | | metadata | | metav1.ObjectMeta | false | -| spec | | [ImageScanSpec](#imagescanspec) | false | -| status | | [ImageScanStatus](#imagescanstatus) | false | - -[Back to Custom Resources](#custom-resources) - -#### ImageScanSpec - -API is taken from https://github.com/fluxcd/image-reflector-controller - -| Field | Description | Scheme | Required | -| ----- | ----------- | ------ | -------- | -| tagName | TagName is the tag ref that needs to be put in manifest to replace fields | string | false | -| gitrepoName | GitRepo reference name | string | false | -| image | Image is the name of the image repository | string | false | -| interval | Interval is the length of time to wait between scans of the image repository. | metav1.Duration | false | -| secretRef | SecretRef can be given the name of a secret containing credentials to use for the image registry. The secret should be created with `kubectl create secret docker-registry`, or the equivalent. | *corev1.LocalObjectReference | false | -| suspend | This flag tells the controller to suspend subsequent image scans. It does not apply to already started scans. Defaults to false. | bool | false | -| policy | Policy gives the particulars of the policy to be followed in selecting the most recent image | [ImagePolicyChoice](#imagepolicychoice) | true | - -[Back to Custom Resources](#custom-resources) - -#### ImageScanStatus - - - -| Field | Description | Scheme | Required | -| ----- | ----------- | ------ | -------- | -| conditions | | []genericcondition.GenericCondition | false | -| lastScanTime | LastScanTime is the last time image was scanned | metav1.Time | false | -| latestImage | LatestImage gives the first in the list of images scanned by the image repository, when filtered and ordered according to the policy. | string | false | -| latestTag | Latest tag is the latest tag filtered by the policy | string | false | -| latestDigest | LatestDigest is the digest of latest tag | string | false | -| observedGeneration | | int64 | false | -| canonicalImageName | CanonicalName is the name of the image repository with all the implied bits made explicit; e.g., `docker.io/library/alpine` rather than `alpine`. | string | false | - -[Back to Custom Resources](#custom-resources) - -#### SemVerPolicy - -SemVerPolicy specifies a semantic version policy. - -| Field | Description | Scheme | Required | -| ----- | ----------- | ------ | -------- | -| range | Range gives a semver range for the image tag; the highest version within the range that's a tag yields the latest image. | string | true | +| bundleSelector | | *metav1.LabelSelector | false | +| namespaceSelector | | *metav1.LabelSelector | false | [Back to Custom Resources](#custom-resources) @@ -850,6 +582,56 @@ Cluster corresponds to a Kubernetes cluster. Fleet deploys bundles to targeted c [Back to Custom Resources](#custom-resources) +#### ClusterSpec + + + +| Field | Description | Scheme | Required | +| ----- | ----------- | ------ | -------- | +| paused | Paused if set to true, will stop any BundleDeployments from being updated. | bool | false | +| clientID | ClientID is a unique string that will identify the cluster. It can either be predefined, or generated when importing the cluster. | string | false | +| kubeConfigSecret | KubeConfigSecret is the name of the secret containing the kubeconfig for the downstream cluster. It can optionally contain a APIServerURL and CA to override the values in the fleet-controller's configmap. | string | false | +| kubeConfigSecretNamespace | KubeConfigSecretNamespace is the namespace of the secret containing the kubeconfig for the downstream cluster. If unset, it will be assumed the secret can be found in the namespace that the Cluster object resides within. | string | false | +| redeployAgentGeneration | RedeployAgentGeneration can be used to force redeploying the agent. | int64 | false | +| agentEnvVars | AgentEnvVars are extra environment variables to be added to the agent deployment. | []corev1.EnvVar | false | +| agentNamespace | AgentNamespace defaults to the system namespace, e.g. cattle-fleet-system. | string | false | +| privateRepoURL | PrivateRepoURL prefixes the image name and overrides a global repo URL from the agents config. | string | false | +| templateValues | TemplateValues defines a cluster specific mapping of values to be sent to fleet.yaml values templating. | *GenericMap | false | +| agentTolerations | AgentTolerations defines an extra set of Tolerations to be added to the Agent deployment. | []corev1.Toleration | false | +| agentAffinity | AgentAffinity overrides the default affinity for the cluster's agent deployment. If this value is nil the default affinity is used. | *corev1.Affinity | false | +| agentResources | AgentResources sets the resources for the cluster's agent deployment. | *corev1.ResourceRequirements | false | + +[Back to Custom Resources](#custom-resources) + +#### ClusterStatus + + + +| Field | Description | Scheme | Required | +| ----- | ----------- | ------ | -------- | +| conditions | | []genericcondition.GenericCondition | false | +| namespace | Namespace is the cluster namespace, it contains the clusters service account as well as any bundledeployments. Example: \"cluster-fleet-local-cluster-294db1acfa77-d9ccf852678f\" | string | false | +| summary | Summary is a summary of the bundledeployments. The resource counts are copied from the gitrepo resource. | [BundleSummary](#bundlesummary) | false | +| resourceCounts | ResourceCounts is an aggregate over the GitRepoResourceCounts. | [GitRepoResourceCounts](#gitreporesourcecounts) | false | +| readyGitRepos | ReadyGitRepos is the number of gitrepos for this cluster that are ready. | int | true | +| desiredReadyGitRepos | DesiredReadyGitRepos is the number of gitrepos for this cluster that are desired to be ready. | int | true | +| agentEnvVarsHash | AgentEnvVarsHash is a hash of the agent's env vars, used to detect changes. | string | false | +| agentPrivateRepoURL | AgentPrivateRepoURL is the private repo URL for the agent that is currently used. | string | false | +| agentDeployedGeneration | AgentDeployedGeneration is the generation of the agent that is currently deployed. | *int64 | false | +| agentMigrated | AgentMigrated is always set to true after importing a cluster. If false, it will trigger a migration. Old agents don't have this in their status. | bool | false | +| agentNamespaceMigrated | AgentNamespaceMigrated is always set to true after importing a cluster. If false, it will trigger a migration. Old Fleet agents don't have this in their status. | bool | false | +| cattleNamespaceMigrated | CattleNamespaceMigrated is always set to true after importing a cluster. If false, it will trigger a migration. Old Fleet agents, don't have this in their status. | bool | false | +| agentAffinityHash | AgentAffinityHash is a hash of the agent's affinity configuration, used to detect changes. | string | false | +| agentResourcesHash | AgentResourcesHash is a hash of the agent's resources configuration, used to detect changes. | string | false | +| agentTolerationsHash | AgentTolerationsHash is a hash of the agent's tolerations configuration, used to detect changes. | string | false | +| agentConfigChanged | AgentConfigChanged is set to true if any of the agent configuration changed, like the API server URL or CA. Setting it to true will trigger a re-import of the cluster. | bool | false | +| apiServerURL | APIServerURL is the currently used URL of the API server that the cluster uses to connect to upstream. | string | false | +| apiServerCAHash | APIServerCAHash is a hash of the upstream API server CA, used to detect changes. | string | false | +| display | Display contains the number of ready bundles, nodes and a summary state. | [ClusterDisplay](#clusterdisplay) | false | +| agent | AgentStatus contains information about the agent. | [AgentStatus](#agentstatus) | false | + +[Back to Custom Resources](#custom-resources) + #### ClusterGroup ClusterGroup is a re-usable selector to target a group of clusters. @@ -968,51 +750,270 @@ ClusterRegistrationToken is used by agents to register a new cluster. [Back to Custom Resources](#custom-resources) -#### ClusterSpec +#### Content + +Content is used internally by Fleet and should not be used directly. It contains the resources from a bundle for a specific target cluster. + +| Field | Description | Scheme | Required | +| ----- | ----------- | ------ | -------- | +| metadata | | metav1.ObjectMeta | false | +| content | Content is a byte array, which contains the manifests of a bundle. The bundle resources are copied into the bundledeployment's content resource, so the downstream agent can deploy them. | []byte | false | + +[Back to Custom Resources](#custom-resources) + +#### CommitSpec + +CommitSpec specifies how to commit changes to the git repository + +| Field | Description | Scheme | Required | +| ----- | ----------- | ------ | -------- | +| authorName | AuthorName gives the name to provide when making a commit | string | true | +| authorEmail | AuthorEmail gives the email to provide when making a commit | string | true | +| messageTemplate | MessageTemplate provides a template for the commit message, into which will be interpolated the details of the change made. | string | false | + +[Back to Custom Resources](#custom-resources) + +#### CorrectDrift | Field | Description | Scheme | Required | | ----- | ----------- | ------ | -------- | -| paused | Paused if set to true, will stop any BundleDeployments from being updated. | bool | false | -| clientID | ClientID is a unique string that will identify the cluster. It can either be predefined, or generated when importing the cluster. | string | false | -| kubeConfigSecret | KubeConfigSecret is the name of the secret containing the kubeconfig for the downstream cluster. | string | false | -| redeployAgentGeneration | RedeployAgentGeneration can be used to force redeploying the agent. | int64 | false | -| agentEnvVars | AgentEnvVars are extra environment variables to be added to the agent deployment. | []v1.EnvVar | false | -| agentNamespace | AgentNamespace defaults to the system namespace, e.g. cattle-fleet-system. | string | false | -| privateRepoURL | PrivateRepoURL prefixes the image name and overrides a global repo URL from the agents config. | string | false | -| templateValues | TemplateValues defines a cluster specific mapping of values to be sent to fleet.yaml values templating. | *GenericMap | false | -| agentTolerations | AgentTolerations defines an extra set of Tolerations to be added to the Agent deployment. | []v1.Toleration | false | -| agentAffinity | AgentAffinity overrides the default affinity for the cluster's agent deployment. If this value is nil the default affinity is used. | *v1.Affinity | false | -| agentResources | AgentResources sets the resources for the cluster's agent deployment. | *v1.ResourceRequirements | false | +| enabled | Enabled correct drift if true. | bool | false | +| force | Force helm rollback with --force option will be used if true. This will try to recreate all resources in the release. | bool | false | +| keepFailHistory | KeepFailHistory keeps track of failed rollbacks in the helm history. | bool | false | [Back to Custom Resources](#custom-resources) -#### ClusterStatus +#### GitRepo + +GitRepo describes a git repository that is watched by Fleet. The resource contains the necessary information to deploy the repo, or parts of it, to target clusters. + +| Field | Description | Scheme | Required | +| ----- | ----------- | ------ | -------- | +| metadata | | metav1.ObjectMeta | false | +| spec | | [GitRepoSpec](#gitrepospec) | false | +| status | | [GitRepoStatus](#gitrepostatus) | false | + +[Back to Custom Resources](#custom-resources) + +#### GitRepoDisplay + + + +| Field | Description | Scheme | Required | +| ----- | ----------- | ------ | -------- | +| readyBundleDeployments | ReadyBundleDeployments is a string in the form \"%d/%d\", that describes the number of ready bundledeployments over the total number of bundledeployments. | string | false | +| state | State is the state of the GitRepo, e.g. \"GitUpdating\" or the maximal BundleState according to StateRank. | string | false | +| message | Message contains the relevant message from the deployment conditions. | string | false | +| error | Error is true if a message is present. | bool | false | + +[Back to Custom Resources](#custom-resources) + +#### GitRepoResource + +GitRepoResource contains metadata about the resources of a bundle. + +| Field | Description | Scheme | Required | +| ----- | ----------- | ------ | -------- | +| apiVersion | APIVersion is the API version of the resource. | string | false | +| kind | Kind is the k8s kind of the resource. | string | false | +| type | Type is the type of the resource, e.g. \"apiextensions.k8s.io.customresourcedefinition\" or \"configmap\". | string | false | +| id | ID is the name of the resource, e.g. \"namespace1/my-config\" or \"backingimagemanagers.storage.io\". | string | false | +| namespace | Namespace of the resource. | string | false | +| name | Name of the resource. | string | false | +| incompleteState | IncompleteState is true if a bundle summary has 10 or more non-ready resources or a non-ready resource has more 10 or more non-ready or modified states. | bool | false | +| state | State is the state of the resource, e.g. \"Unknown\", \"WaitApplied\", \"ErrApplied\" or \"Ready\". | string | false | +| error | Error is true if any Error in the PerClusterState is true. | bool | false | +| transitioning | Transitioning is true if any Transitioning in the PerClusterState is true. | bool | false | +| message | Message is the first message from the PerClusterStates. | string | false | +| perClusterState | PerClusterState is a list of states for each cluster. Derived from the summaries non-ready resources. | \[\][ResourcePerClusterState](#resourceperclusterstate) | false | + +[Back to Custom Resources](#custom-resources) + +#### GitRepoResourceCounts + +GitRepoResourceCounts contains the number of resources in each state. + +| Field | Description | Scheme | Required | +| ----- | ----------- | ------ | -------- | +| ready | Ready is the number of ready resources. | int | true | +| desiredReady | DesiredReady is the number of resources that should be ready. | int | true | +| waitApplied | WaitApplied is the number of resources that are waiting to be applied. | int | true | +| modified | Modified is the number of resources that have been modified. | int | true | +| orphaned | Orphaned is the number of orphaned resources. | int | true | +| missing | Missing is the number of missing resources. | int | true | +| unknown | Unknown is the number of resources in an unknown state. | int | true | +| notReady | NotReady is the number of not ready resources. Resources are not ready if they do not match any other state. | int | true | + +[Back to Custom Resources](#custom-resources) + +#### GitRepoSpec + + + +| Field | Description | Scheme | Required | +| ----- | ----------- | ------ | -------- | +| repo | Repo is a URL to a git repo to clone and index. | string | false | +| branch | Branch The git branch to follow. | string | false | +| revision | Revision A specific commit or tag to operate on. | string | false | +| targetNamespace | Ensure that all resources are created in this namespace Any cluster scoped resource will be rejected if this is set Additionally this namespace will be created on demand. | string | false | +| clientSecretName | ClientSecretName is the name of the client secret to be used to connect to the repo It is expected the secret be of type \"kubernetes.io/basic-auth\" or \"kubernetes.io/ssh-auth\". | string | false | +| helmSecretName | HelmSecretName contains the auth secret for a private Helm repository. | string | false | +| helmSecretNameForPaths | HelmSecretNameForPaths contains the auth secret for private Helm repository for each path. | string | false | +| helmRepoURLRegex | HelmRepoURLRegex Helm credentials will be used if the helm repo matches this regex Credentials will always be used if this is empty or not provided. | string | false | +| caBundle | CABundle is a PEM encoded CA bundle which will be used to validate the repo's certificate. | []byte | false | +| insecureSkipTLSVerify | InsecureSkipTLSverify will use insecure HTTPS to clone the repo. | bool | false | +| paths | Paths is the directories relative to the git repo root that contain resources to be applied. Path globbing is supported, for example [\"charts/*\"] will match all folders as a subdirectory of charts/ If empty, \"/\" is the default. | []string | false | +| paused | Paused, when true, causes changes in Git not to be propagated down to the clusters but instead to mark resources as OutOfSync. | bool | false | +| serviceAccount | ServiceAccount used in the downstream cluster for deployment. | string | false | +| targets | Targets is a list of targets this repo will deploy to. | \[\][GitTarget](#gittarget) | false | +| pollingInterval | PollingInterval is how often to check git for new updates. | *metav1.Duration | false | +| forceSyncGeneration | Increment this number to force a redeployment of contents from Git. | int64 | false | +| imageScanInterval | ImageScanInterval is the interval of syncing scanned images and writing back to git repo. | *metav1.Duration | false | +| imageScanCommit | Commit specifies how to commit to the git repo when a new image is scanned and written back to git repo. | [CommitSpec](#commitspec) | false | +| keepResources | KeepResources specifies if the resources created must be kept after deleting the GitRepo. | bool | false | +| correctDrift | CorrectDrift specifies how drift correction should work. | [CorrectDrift](#correctdrift) | false | + +[Back to Custom Resources](#custom-resources) + +#### GitRepoStatus + + + +| Field | Description | Scheme | Required | +| ----- | ----------- | ------ | -------- | +| observedGeneration | ObservedGeneration is the current generation of the resource in the cluster. It is copied from k8s metadata.Generation. The value is incremented for all changes, except for changes to .metadata or .status. | int64 | true | +| commit | Commit is the Git commit hash from the last gitjob run. | string | false | +| readyClusters | ReadyClusters is the lowest number of clusters that are ready over all the bundles of this GitRepo. | int | true | +| desiredReadyClusters | DesiredReadyClusters\tis the number of clusters that should be ready for bundles of this GitRepo. | int | true | +| gitJobStatus | GitJobStatus is the status of the last GitJob run, e.g. \"Current\" if there was no error. | string | false | +| summary | Summary contains the number of bundle deployments in each state and a list of non-ready resources. | [BundleSummary](#bundlesummary) | false | +| display | Display contains a human readable summary of the status. | [GitRepoDisplay](#gitrepodisplay) | false | +| conditions | Conditions is a list of Wrangler conditions that describe the state of the GitRepo. | []genericcondition.GenericCondition | false | +| resources | Resources contains metadata about the resources of each bundle. | \[\][GitRepoResource](#gitreporesource) | false | +| resourceCounts | ResourceCounts contains the number of resources in each state over all bundles. | [GitRepoResourceCounts](#gitreporesourcecounts) | false | +| resourceErrors | ResourceErrors is a sorted list of errors from the resources. | []string | false | +| lastSyncedImageScanTime | LastSyncedImageScanTime is the time of the last image scan. | metav1.Time | false | + +[Back to Custom Resources](#custom-resources) + +#### GitTarget + +GitTarget is a cluster or cluster group to deploy to. + +| Field | Description | Scheme | Required | +| ----- | ----------- | ------ | -------- | +| name | Name is the name of this target. | string | false | +| clusterName | ClusterName is the name of a cluster. | string | false | +| clusterSelector | ClusterSelector is a label selector to select clusters. | *metav1.LabelSelector | false | +| clusterGroup | ClusterGroup is the name of a cluster group in the same namespace as the clusters. | string | false | +| clusterGroupSelector | ClusterGroupSelector is a label selector to select cluster groups. | *metav1.LabelSelector | false | + +[Back to Custom Resources](#custom-resources) + +#### ResourcePerClusterState + +ResourcePerClusterState is generated for each non-ready resource of the bundles. + +| Field | Description | Scheme | Required | +| ----- | ----------- | ------ | -------- | +| state | State is the state of the resource. | string | false | +| error | Error is true if the resource is in an error state, copied from the bundle's summary for non-ready resources. | bool | false | +| transitioning | Transitioning is true if the resource is in a transitioning state, copied from the bundle's summary for non-ready resources. | bool | false | +| message | Message combines the messages from the bundle's summary. Messages are joined with the delimiter ';'. | string | false | +| patch | Patch for modified resources. | *GenericMap | false | +| clusterId | ClusterID is the id of the cluster. | string | false | + +[Back to Custom Resources](#custom-resources) + +#### GitRepoRestriction + +GitRepoRestriction is a resource that can optionally be used to restrict the options of GitRepos in the same namespace. + +| Field | Description | Scheme | Required | +| ----- | ----------- | ------ | -------- | +| metadata | | metav1.ObjectMeta | false | +| defaultServiceAccount | DefaultServiceAccount overrides the GitRepo's default service account. | string | false | +| allowedServiceAccounts | AllowedServiceAccounts is a list of service accounts that GitRepos are allowed to use. | []string | false | +| allowedRepoPatterns | AllowedRepoPatterns is a list of regex patterns that restrict the valid values of the Repo field of a GitRepo. | []string | false | +| defaultClientSecretName | DefaultClientSecretName overrides the GitRepo's default client secret. | string | false | +| allowedClientSecretNames | AllowedClientSecretNames is a list of client secret names that GitRepos are allowed to use. | []string | false | +| allowedTargetNamespaces | AllowedTargetNamespaces restricts TargetNamespace to the given namespaces. If AllowedTargetNamespaces is set, TargetNamespace must be set. | []string | false | + +[Back to Custom Resources](#custom-resources) + +#### AlphabeticalPolicy + +AlphabeticalPolicy specifies a alphabetical ordering policy. + +| Field | Description | Scheme | Required | +| ----- | ----------- | ------ | -------- | +| order | Order specifies the sorting order of the tags. Given the letters of the alphabet as tags, ascending order would select Z, and descending order would select A. | string | false | + +[Back to Custom Resources](#custom-resources) + +#### ImagePolicyChoice + +ImagePolicyChoice is a union of all the types of policy that can be supplied. + +| Field | Description | Scheme | Required | +| ----- | ----------- | ------ | -------- | +| semver | SemVer gives a semantic version range to check against the tags available. | *[SemVerPolicy](#semverpolicy) | false | +| alphabetical | Alphabetical set of rules to use for alphabetical ordering of the tags. | *[AlphabeticalPolicy](#alphabeticalpolicy) | false | + +[Back to Custom Resources](#custom-resources) + +#### ImageScan + + + +| Field | Description | Scheme | Required | +| ----- | ----------- | ------ | -------- | +| metadata | | metav1.ObjectMeta | false | +| spec | | [ImageScanSpec](#imagescanspec) | false | +| status | | [ImageScanStatus](#imagescanstatus) | false | + +[Back to Custom Resources](#custom-resources) + +#### ImageScanSpec + +API is taken from https://github.com/fluxcd/image-reflector-controller + +| Field | Description | Scheme | Required | +| ----- | ----------- | ------ | -------- | +| tagName | TagName is the tag ref that needs to be put in manifest to replace fields | string | false | +| gitrepoName | GitRepo reference name | string | false | +| image | Image is the name of the image repository | string | false | +| interval | Interval is the length of time to wait between scans of the image repository. | metav1.Duration | false | +| secretRef | SecretRef can be given the name of a secret containing credentials to use for the image registry. The secret should be created with `kubectl create secret docker-registry`, or the equivalent. | *corev1.LocalObjectReference | false | +| suspend | This flag tells the controller to suspend subsequent image scans. It does not apply to already started scans. Defaults to false. | bool | false | +| policy | Policy gives the particulars of the policy to be followed in selecting the most recent image | [ImagePolicyChoice](#imagepolicychoice) | true | + +[Back to Custom Resources](#custom-resources) + +#### ImageScanStatus | Field | Description | Scheme | Required | | ----- | ----------- | ------ | -------- | | conditions | | []genericcondition.GenericCondition | false | -| namespace | Namespace is the cluster namespace, it contains the clusters service account as well as any bundledeployments. Example: \"cluster-fleet-local-cluster-294db1acfa77-d9ccf852678f\" | string | false | -| summary | Summary is a summary of the bundledeployments. The resource counts are copied from the gitrepo resource. | [BundleSummary](#bundlesummary) | false | -| resourceCounts | ResourceCounts is an aggregate over the GitRepoResourceCounts. | [GitRepoResourceCounts](#gitreporesourcecounts) | false | -| readyGitRepos | ReadyGitRepos is the number of gitrepos for this cluster that are ready. | int | true | -| desiredReadyGitRepos | DesiredReadyGitRepos is the number of gitrepos for this cluster that are desired to be ready. | int | true | -| agentEnvVarsHash | AgentEnvVarsHash is a hash of the agent's env vars, used to detect changes. | string | false | -| agentPrivateRepoURL | AgentPrivateRepoURL is the private repo URL for the agent that is currently used. | string | false | -| agentDeployedGeneration | AgentDeployedGeneration is the generation of the agent that is currently deployed. | *int64 | false | -| agentMigrated | AgentMigrated is always set to true after importing a cluster. If false, it will trigger a migration. Old agents don't have this in their status. | bool | false | -| agentNamespaceMigrated | AgentNamespaceMigrated is always set to true after importing a cluster. If false, it will trigger a migration. Old Fleet agents don't have this in their status. | bool | false | -| cattleNamespaceMigrated | CattleNamespaceMigrated is always set to true after importing a cluster. If false, it will trigger a migration. Old Fleet agents, don't have this in their status. | bool | false | -| agentAffinityHash | AgentAffinityHash is a hash of the agent's affinity configuration, used to detect changes. | string | false | -| agentResourcesHash | AgentResourcesHash is a hash of the agent's resources configuration, used to detect changes. | string | false | -| agentTolerationsHash | AgentTolerationsHash is a hash of the agent's tolerations configuration, used to detect changes. | string | false | -| agentConfigChanged | AgentConfigChanged is set to true if any of the agent configuration changed, like the API server URL or CA. Setting it to true will trigger a re-import of the cluster. | bool | false | -| apiServerURL | APIServerURL is the currently used URL of the API server that the cluster uses to connect to upstream. | string | false | -| apiServerCAHash | APIServerCAHash is a hash of the upstream API server CA, used to detect changes. | string | false | -| display | Display contains the number of ready bundles, nodes and a summary state. | [ClusterDisplay](#clusterdisplay) | false | -| agent | AgentStatus contains information about the agent. | [AgentStatus](#agentstatus) | false | +| lastScanTime | LastScanTime is the last time image was scanned | metav1.Time | false | +| latestImage | LatestImage gives the first in the list of images scanned by the image repository, when filtered and ordered according to the policy. | string | false | +| latestTag | Latest tag is the latest tag filtered by the policy | string | false | +| latestDigest | LatestDigest is the digest of latest tag | string | false | +| observedGeneration | | int64 | false | +| canonicalImageName | CanonicalName is the name of the image repository with all the implied bits made explicit; e.g., `docker.io/library/alpine` rather than `alpine`. | string | false | + +[Back to Custom Resources](#custom-resources) + +#### SemVerPolicy + +SemVerPolicy specifies a semantic version policy. + +| Field | Description | Scheme | Required | +| ----- | ----------- | ------ | -------- | +| range | Range gives a semver range for the image tag; the highest version within the range that's a tag yields the latest image. | string | true | [Back to Custom Resources](#custom-resources)